This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.
The remote Windows host contains an application that may be affected
by multiple vulnerabilities.
The version of QuickTime installed on the remote Windows host is
older than 7.7.1 and may be affected by the following
- A cross-site scripting issue exists in HTML files
generated by the 'Save for Web' export feature.
- A buffer overflow error exists in the handling of
H.264 encoded video files. (CVE-2011-3219)
- An error exists in the processing of URL data handlers
in movie files and can allow access to uninitialized
areas of memory. (CVE-2011-3220)
- An error exists in the handling of the 'atoms'
hierarchy as well as 'TKHD atoms' in movie files.
- Buffer overflow errors exist in the processing of
of FlashPix, FLIC, PICT and FLC-encoded files.
(CVE-2011-3222, CVE-2011-3223, CVE-2011-3247,
- An unspecified error can allow memory corruption when
viewing certain video files. (CVE-2011-3228)
- An error related to signedness exists in the handling
of font tables in QuickTime video files. (CVE-2011-3248)
- An integer overflow error exists in the handling of
JPEG2000 encoded video files. (CVE-2011-3250)
See also :
Upgrade to QuickTime 7.7.1 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true
Nessus Plugin ID: 56667 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now